Security Specialist

Jose Merciline

New York

JOB DETAILS
SKILLS
Auditing, Business Processes, Citrix Product Family, Communication Skills, Computer Security, DMZ, Data Recovery, Database Management Software/Systems (DBMS), Desktop Virtualization, IBM AS-400 Server, IBM DB2, IBM z-OS Operating System, Internal Audit, Internet Security, Intrusion Detection Systems, Intrusion Prevention Systems, Linux Operating System, Load Balancing, Local Area Network (LAN), Metasploit, Nessus, Network Architecture/Engineering, Network Attached Storage (NAS), Network Security, Operating Systems, Presentation/Verbal Skills, Replication and Remote Mirroring, Risk Analysis, Risk Management, SQL (Structured Query Language), Security Auditing, Storage Area Network (SAN), Sybase Product Family, Technical Support, Test Tools, Testing, U.S. National Institute of Standards and Technology (NIST), Unix Operating Systems, Virtualization, Web Application Framework, Wide Area Network (WAN), Writing Skills
LOCATION
New York
POSTED
16 days ago

Resource required: 2 resources

Duration: Now – December 2021


Scope/ Deliverable:

Assist internal audit in conducting Fieldwork and testing during audits for Cyber security and Network and technology Infrastructure

Assist with issue monitoring and closure verification

Assist with Cybersecurity Audit testing and reviews

Review and Testing of general infrastructure and technology controls supporting business processes

Continuous Monitoring of technology activities


Skillset Required:


Qualifications: We seek individuals with 5 to 10 years IT auditing experience, preferably in financial services.


Required Technical skills:

For Cyber Auditors:


• Understanding of audit objectives and concepts, e.g., risk and control assessment.

•Understanding of Cyber frameworks: NIST, CSC, FFIEC handbook and frameworks .

• Vulnerability assessment and Pen test tools such as Burpsuite, Nessus, Metasploit, Kali-Linux etc


For Infrastructure Auditor (2-3 of the following)

• Network Architecture (LAN, WAN, DMZ, OOB)

• Network Security (IPS, IDS, FW, DLP)

• Virtualization concepts (Citrix, VDI)

• Storage (SAN, NAS, Replication)

• Backup, Recovery, Fusion (HA, DR), Load Balancers (App+ Infra)

• OS (Win, Unix, Linux, z/OS, AS400)

• DBMS (DB2, MS-SQL, Sysbase)


Required Auditing Skills

• Excellent written and oral communication skills, in particular related to audit practices (interviewing, drafting and finalizing audit issues, and audit results presentation)

• Ability to identify IT risk, the possible impact to the organization and evaluating the mitigating controls

• Ability to design, and execute effective audit testing (Manual, Automatic, including use of 3rd party tools).


Technology skills/background and related professional certifications (CISA, CEH, CISM, CISSP etc.).


About the Company

J

Jose Merciline